/*     */ package com.zimbra.cs.servlet;
/*     */ 
/*     */ import com.zimbra.common.account.Key.AccountBy;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.common.util.Log;
/*     */ import com.zimbra.common.util.ZimbraLog;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException;
/*     */ import com.zimbra.cs.account.CacheAwareProvisioning;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.auth.AuthContext.Protocol;
/*     */ import java.security.Principal;
/*     */ import java.util.Set;
/*     */ import javax.security.auth.Subject;
/*     */ import org.eclipse.jetty.security.DefaultIdentityService;
/*     */ import org.eclipse.jetty.security.IdentityService;
/*     */ import org.eclipse.jetty.security.LoginService;
/*     */ import org.eclipse.jetty.security.MappedLoginService.KnownUser;
/*     */ import org.eclipse.jetty.security.MappedLoginService.RolePrincipal;
/*     */ import org.eclipse.jetty.server.UserIdentity;
/*     */ import org.eclipse.jetty.util.security.Credential;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class ZimbraLoginService
/*     */   implements LoginService
/*     */ {
/*  48 */   protected IdentityService identityService = new DefaultIdentityService();
/*     */   protected String name;
/*     */   
/*     */   public void setIdentityService(IdentityService idService)
/*     */   {
/*  53 */     this.identityService = idService;
/*     */   }
/*     */   
/*     */   public IdentityService getIdentityService()
/*     */   {
/*  58 */     return this.identityService;
/*     */   }
/*     */   
/*     */   public void setName(String name) {
/*  62 */     this.name = name;
/*     */   }
/*     */   
/*     */   public String getName()
/*     */   {
/*  67 */     return this.name;
/*     */   }
/*     */   
/*     */ 
/*     */   public void logout(UserIdentity user) {}
/*     */   
/*     */ 
/*     */   public boolean validate(UserIdentity user)
/*     */   {
/*  76 */     return false;
/*     */   }
/*     */   
/*     */   public UserIdentity login(String username, Object credentials)
/*     */   {
/*     */     try
/*     */     {
/*  83 */       Provisioning prov = Provisioning.getInstance();
/*  84 */       Account account = prov.get(Key.AccountBy.name, username);
/*  85 */       if (account != null) {
/*  86 */         if (!(credentials instanceof String)) {
/*  87 */           ZimbraLog.security.warn("passed credentials are not a String? [%s]", new Object[] { credentials == null ? "null" : credentials.getClass().getName() });
/*     */         }
/*  89 */         tryLogin(account, (String)credentials, true);
/*  90 */         return makeUserIdentity(username);
/*     */       }
/*     */     } catch (AccountServiceException.AuthFailedServiceException e) {
/*  93 */       ZimbraLog.security.debug("Auth failed");
/*     */     } catch (ServiceException e) {
/*  95 */       ZimbraLog.security.warn("ServiceException in auth", e);
/*     */     }
/*  97 */     return null;
/*     */   }
/*     */   
/*     */   private void tryLogin(Account account, String credentials, boolean first) throws ServiceException
/*     */   {
/* 102 */     Provisioning prov = Provisioning.getInstance();
/* 103 */     if (account != null) {
/*     */       try {
/* 105 */         prov.authAccount(account, credentials, AuthContext.Protocol.http_basic);
/*     */       }
/*     */       catch (AccountServiceException.AuthFailedServiceException e) {
/* 108 */         if ((!first) || (!(prov instanceof CacheAwareProvisioning)) || (!((CacheAwareProvisioning)prov).isCacheEnabled())) {
/* 109 */           throw e;
/*     */         }
/*     */         
/* 112 */         ZimbraLog.security.debug("auth failed, refreshing Account object and trying again in case of recent password change");
/* 113 */         prov.reload(account);
/* 114 */         tryLogin(account, credentials, false);
/*     */       }
/*     */     }
/*     */   }
/*     */   
/*     */ 
/*     */ 
/*     */   UserIdentity makeUserIdentity(String userName)
/*     */   {
/* 123 */     Credential credential = Credential.getCredential("");
/*     */     
/*     */ 
/* 126 */     String roleName = "user";
/* 127 */     Principal userPrincipal = new MappedLoginService.KnownUser(userName, credential);
/* 128 */     Subject subject = new Subject();
/* 129 */     subject.getPrincipals().add(userPrincipal);
/* 130 */     subject.getPrivateCredentials().add(credential);
/* 131 */     subject.getPrincipals().add(new MappedLoginService.RolePrincipal(roleName));
/* 132 */     subject.setReadOnly();
/*     */     
/* 134 */     UserIdentity identity = this.identityService.newUserIdentity(subject, userPrincipal, new String[] { roleName });
/*     */     
/* 136 */     return identity;
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/cs/servlet/ZimbraLoginService.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */